On the Router
Go to VPN.Select IPsec.Select the green “Add P1” button on the bottom left.Select the below settings for the Tunnel Phase 1:Key Exchange version: IKEv1Internet Protocol: IPv4Interface: WAN-VIPRemote Gateway: IP of NMS firewall Description: AIS NMSAuthentication Method: Mutual PSKNegotiation Mode: MainMy identifier: IP Address VIP addressPeer identifier: Peer IP AddressPre-Shared Key: Create a new Pre-Shared KeyEncryption Algorithm: AES SHA256 2 (1024 bit)Lifetime: 28800NAT Transversal: AutoDead Peer Detection: Enable DPD checkedDelay: 10Max failures: 50Select the below settings for the Tunnel Phase 2:Mode: Tunnel IPv4Local Network: Network / Local SubnetNAT/BINAT translation: Network / Subnet to be used on NMSRemote Network: NMS NetworkProtocol: ESPEncryption Algorithms: AESHash Algorithms: SHA256PFS key group: offLifetime: 86400Automatically ping host: NMS Internal IP
Change the system initial menu
Please contact AIS Support for assistance with IVR (initial menu) changes.
Re-record system recordings
Dial the specified feature code for the desired system recording from any handsetEnter the password, if required, followed by ‘'#’’ (the system will prompt for the password to be entered if one has been set)You will hear a beep and then the existing system recording will playTo listen to the recording again, press ‘‘1’’To re-record the recording, press ‘'’’After the beep, speak the new version of the recordingPress ‘'#’’ to end the recordingTo listen to the new recording, press ‘‘1’’To re-record the recording, press ‘'’’Hang up when you are satisfied with the way the new recording sounds
Type of Voice Lines Overview
A VoIP deployment can connect to the phone system in a number of ways:
By using existing analog lines and analog-to-digital conversion hardwareOpt to have no connections to analog lines for voice traffic and instead use a VoIP all-digital connection to an external phone service called a VoIP-termination service (note that fax lines and any emergency voice call lines generally need to continue to be analog-based) – see “Digital Incoming Lines” below digital connections depend on the site’s Internet connection to the VoIP-termination servers working and having adequate bandwidth for voice traffic available at all timesOr, use a mix of the two approaches More information is below on each approach.
This feature allows you to direct calls to your extension to instead to another internal extension or to an external phone number, such as your cell phone or home phone number. The “Follow me” feature (below) can also be used to do this.
Enable call forwarding
Dial the “Call Forward All Activate” feature code (''*72’')After being prompted, enter your own extension number followed by ‘'#’’ (this is the extension to redirect)If directing the call to another internal extension, enter the extension number followed by ‘'#’’If directing the call to an external phone number, enter the external number to dial followed by ‘'#’’The settings will be read back to you to confirm them.
AIS Managed VoIP provides a highly flexible, highly capable voicemail system.
Accessing Your Mailbox
Log in by pressing the voicemail button or by dialing *97 from your VoIP PhoneIf dialing from a phone with a different extension, dial *98, then your extension numberVoicemail Menus
The main menu will be the first menu you hear when you have logged in. Here are the main menu options:
Requirements: Cisco VoIP phones have a maximum Extension Secret/Password length of 16 characters (If a longer password is used, the phone will not register)
create extension for phone in AIS VoIP:Applications gt Extensions gt Add Extension gt New CHAN_SIPUser Extension: ext numberDisplay Name: ext numberOutbound CID: 10-digit phone number associatedSecret:Click “Advanced”.NAT Mode: YesTransport: All - TCP PrimaryClick “Submit”.Click “Apply Config” (Red button on top-right).Add external IP range to firewall port 69:create SEP[MAC ADDRESS].
Name: AIS_SIEM Server: syslog.aislabs.com Transport: UDP Port: !!Provided in email!! Format: BSD Facility: LOG_USER
2. Configure syslog forwarding for Traffic, Threat, and WildFire Submission logs
a. Select Objects gt Log Forwarding, click Add, and enter “AIS_FORWARDING” to identify the profile.
b. For each log type, each severity level, or WildFire verdict, select the “AIS_FORWARDING” Syslog server profile and click OK.
c. Assign the “AIS_FORWARDING” log forwarding profile to all of the security rules
3. To forward logs for a specific security policy / firewall rule:
a. Select Policies gt Security
b. Click the policy in which you want to configure log forwarding
c. Select Actions
d. Select the profile to forward the logs to in the Log Forwarding dropdown list
e. Click OK
4. Configure syslog forwarding for System, Config, HIP Match, and Correlation logs
a. Select Device gt Log Settings
b. For system and Correlation logs, click each Severity level, select the AIS_SIEM profile, and click OK.
c. For Config, HIP Match, and Correlation logs, click the Edit icon, select the AIS_SIEM profile, and click OK.
5. Commit the changes
Log in to https://security.aislabs.com.Click System top menu and then “Authentication”.If this is the first time creating a User for this Account, click “Roles” on the left side.Click “Add New Role”Name: ClientNameDescription: ClientNamePermissions:Streams: Click “Allow Editing” only next to the Stream.Click “Dashboards”.Click “Allow Editing” only next to that Dashboard.Click “Save”.Click “Users” and then “Add new user”.Username: type the email address. Note: AIS SIEM usernames are case sensitive, please only type the email address in lower case.
Adding new devices to the AIS NMS
log in to NMS platform as an admin userFor SNMP-enabled Devices (Most Devices)
Click Devices gt Add DeviceIn the Hostname textbox, type in the Hostname or IP Address of the device to be added.In most cases, the remaining default settings should stay the same and you should be able to click “Add Device”.For Ping Check Only Devices (Comcast Modems, etc)
Poller group: One or more NMS servers behind a pfSense that polls SNMP, icmp, and other service data from devices assigned to a specific Poller group every 5 minutesAll Poller groups use the same MySQL cluster as a central database.The web interface can view Devices from all Poller groups because of the central database.Manually adding devices must be done from the web interface of the Poller group associated with that device.
Set up Webroot First, prior to Continuum site.
Log into Continuum site.Log into Webroot portal.Click “Add Site”.In the first screen, enter site name using Full Company Name. Company is External, Size(approx), Industry(approx), leave all other fields at default.Change no other fields and click “Next”.On the Permissions page, hover over “Admin” radial in the top-left column. This makes the AIS admins admins over the site. Click “next”.This is the Protection page.